|
|
|
Mordel's Bar & Grill |
|
  |
» |
| View previous topic :: View next topic |
| Author |
Message |
Motown Scrapper
Clan Ice Hellions
Galaxy Commander
Joined: 24-Jul-2003 00:00
Posts: 2074
Location: United States
|
 Posted: 12-Mar-2005 06:29 Post subject: Keylogger information (very long) |
  |
|
Recent events have caused me to realize that some security information might provee to be usefull so i am posting some security information that my super security geek brother sent me
Keylogger Information
Below is a definition of what a keylogger is
Information from PestPatrol’s website:
A Keylogger (KeyLogger, Key Logger, or Keystroke Logger) is a program that runs in the background, recording all the keystrokes. Once keystrokes are logged, they are hidden in the machine for later retrieval, or shipped raw to the attacker. The attacker then peruses them carefully in the hopes of either finding passwords, or possibly other useful information that could be used to compromise the system or be used in a social engineering attack. For example, a key logger will reveal the contents of all e-mail composed by the user. Keylog programs are commonly included in rootkits and RATs (remote administration trojans).
Keyloggers and hacking
If you ask a White Hat Hacker (A true hacker (the good guys)) or a Black Hat Hacker (formerly called a cracker (the bad guys)) what a keylogger is you will get similar responses. It is probably one of the most fundamental tools used in hacking. In fact almost every Trojan Horse or Backdoor program contain some form of keylogger, as do a large amount of spyware and malware programs. Keyloggers are available commercially for legitimate use. However there is no control over how they are used once they are purchased. And all it takes is a short trip to the internet underground to find thousands of them. They are very easy to hide in e-mail and download attachments including picture files. They represent the largest growing threat in cyberspace due to their use in committing internet fraud, particularly phishing. And their use in spyware poses an overall threat to personal privacy.
Protection from Keyloggers
The best defense is prevention and common sense. Many of your major anti-virus programs now contain some form of keylogger detection. Personally I have had very good results with Norton Anti-virus 2005. Webroot Spy Sweeper does probably the best job of the anti spyware programs that you can purchase. And both Ad-Aware and Spybot Search and Destroy are very good, and their free.
Common sense in handling e-mails from unknown sources and downloading files from unknown sources are key factors in defense. If you don’t know who sent you the e-mail don’t open it. Delete it. And scan all e-mails for viruses and spyware. Download file from reputable sites that you know. If frequent sites such as warez or crack sites your looking for trouble.
Useful Websites:
Anti-KeyLoggers http://www.anti-keyloggers.com
You can download a trial version good for 10 system reloads)
Anti-Spy Shop (makes Privacy Keyboard) http://www.anti-keylogger.com/
(Has a 30 day trial version of Privacy Keyboard (does not work on Windows XP SP2) for download. Also they are not the same company as above even though they have almost the same URL the only difference is the letter s before the .com on the first URL)
Blazing Tools Software http://blazingtools.com/
Download a 10 day trial version of Personal Anti-Spy. They should know what there doing since the also sell keylogger and surveillance programs. Unlike some other companies their software will tell you if someone has their keylogger program installed on your computer)
Digger Chen http://www.tooto.com/keyloggerkiller/
(Makes Keylogger Killer, has a 15 day trial period)
KL-Detector http://dewasoft.com/privacy/kldetector.htm
(While this program is free, it only detects the possibility of keyloggers. I recommend this only for advanced users since it will give false positive results for legitimate system log files. The information it does provide is fro tracking down possible system, processes, which then need to be further analyzed. Not for the average computer user)
Trapware http://www.trapware.com/
(you can download a trial version of “Who’s watching Me?” good for 90 days)
SpyCop http://www.spycop.com/
(considered the best, but no trial version available)
Sytopkin software http://www.styopkin.com/keylogger_hunter.html
(unlimited free trial version, which means you will get a nag window to buy it. Just close the window when it appears. While this may be annoying it’s a small price to pay if you want to use it for free. This is a silent running program designed to stop better than 90% of the keylogging type activity, so there are no alert windows or logs.)
Answers that work http://www.answersthatwork.com/home_page.htm
(This website is not for keyloggers but provides a lot of useful information. Particularly when identifying processes that you see running in the Windows Task Manager pane. Just look under the Task List section. There is a drivers section which has an excellent list of vendors listed alphabetically in its database. Check out the rest of the site for a lot of other useful information and downloads.)
Note #1: About a year ago most of the major anti-virus companies such as Symantec Corporation (makers of the Norton line of products) began incorporating detection for keyloggers and surveillance software into their current anti- virus programs. While not complete in their detection coverage yet it does a pretty good job. And it is all the more reason to get the newest version of these programs from the various companies. If you want to see if you favorite anti-virus company has this feature, go to their website. If they don’t list if they do, send an e-mail to them inquiring about it.
Note #2: Many of the Rogue anti-spyware companies claim their programs will do everything. Don’t believe it, as always check out the company and its program before downloading them. A good source for doing so is the rogue program list at Spyware Warrior’s website. I have not found anything negative about any of the programs above and most were recommended to me by Security Professionals. None the less I am currently testing them myself and I will let you know of any problems.
Additional information from PestPatrol’s website:
A Key Logger normally consists of two files: a DLL which does all the work and an EXE which loads the DLL and sets the hook. Therefore when you deploy the hooker on a system, two such files must be present in the same directory
There are other approaches to capturing info about what you are doing.
Note: The blue highlighted portions of the following are hyperlinks, if you click on the item while pressing the Ctl key it will activate the link.
Some products, such as Spector and PC Spy, capture screens, rather than keystrokes. As a result, they cannot be detected by KeyPatrol (which does generic keylogger detection), but can be detected by PestPatrol, PestPatrolCL, and PPMemCheck. Some products (such as Win-Spy), capture both keystrokes and screens.
Other products will secretly turn on video or audio recorders, and transmit what they capture over your internet connection.
Consider what ISpyNow can do:
Internet Conversation Logging [screenshot] - Log both sides of all chat conversations for AOL/ICQ/MSN/AIM Instant Messengers, and view them in real time, as they are happening!
Window Activity Logging [screenshot] - Capture information on every window interacted with.
Application Activity Logging [screenshot] - Track every application/executable that was executed and interacted with.
Clipboard Activity Logging [screenshot] - Capture every text and image item that was csent to the clipboard on the remote machine.
Keystroke Monitoring [screenshot] - Track all keystrokes pressed [including hidden system keys!] and which windows they were pressed in. Keystrokes can also be passed through a formatter for easy viewing/exporting.
Websites Activity Logging [screenshot] - Log all websites that were accessed on the remote machine.
A Keylogger might be as simple as an exe and a dll that are placed on a machine and invoked at boot via an entry in the registry. Or a keylogger could be as sophisticated as the ProBot Activity Monitor which boasts these features:
Stealth: invisible in process list
Includes kernel keylogger driver that captures keystrokes even when user is logged off (Windows 2000 / XP)
ProBot program files and registry entries are hidden (Windows 2000 / XP)
Includes Remote Deployment wizard
Active window titles and process names logging
Keystroke / password logging
Regional keyboard support
Keylogging in NT console windows
Launched applications list
Text snapshots of active applications.
Visited Internet URL logger
Capture HTTP POST data (including logins/passwords)
File and Folder creation/removal logging
Mouse activities
Workstation user and timestamp recording
Log file archiving, separate log files for each user
Log file secure encryption
Password authentication
Invisible operation
Native GUI session log presentation
Easy log file reports with Instant Viewer 2 Web interface
HTML and Text log file export
Automatic E-mail log file delivery
Easy setup & uninstall wizards
Support for Windows (R) 95/98/ME and Windows (R) NT/2000/XP
Because a keylogger can involve dozens of files, and has as a primary goal complete stealth from the user, removing one manually can be a terrifying challenge to any computer user. Incorrect removal efforts can result in damage to the operating system, instability, inability to use the mouse or keyboard, or worse. Further, some keyloggers will survive manual efforts to remove them, re-installing themselves before the user even reboots (see W32.Badtrans.B@mm Worm)
Are keyloggers illegal? The answer varies from one jurisdiction to another. In December, 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. Also, the judge allowed the FBI to keep details of the device secret, citing national security concerns. The defendant in the case, Nicodemo Scarfo Jr., used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the file. More info.
Uses of a Keylogger
Privacy advocates may find no valid use for a keylogger. Those whose strokes are surreptitiously logged may be angered by the invasion of privacy. But administrators in some organizations, and some parents, might find some benefits. Here are some benefits of keylogging, as suggested by the documentation for the
You are suspicious that someone could be using your computer for reasons without your permission. Use ProBot to find out!
You are a parent and your children use the Internet. You could use ProBot to make sure they are using the Internet appropriately and safely.
You are a business with many computers and you want to ensure that your employees are not misusing company property. ProBot will let you know!
You are a system administrator and you would like to track down unauthorized PC usage by hostile individuals.
You wish to retrieve lost information (in case of power loss, etc)
Gather statistical information, e.g. the time person spends surfing Internet or playing games.
More Info
About Your Address - Under the Freedom of Information and Privacy Acts anyone can request your personal details from any US government agency. Information about the rules and instructions on how to get the information.
About.com: Privacy Issues - News and resources concerning laws of privacy, including voyeurism.
About.com: Carnivore - Describes the networking sniffing software and the surrounding controversy.
AnonymityCity.com - Learn how to preserve your online privacy.
Australia's Privacy Commissioner's Website - Government site dealing with privacy issues. Has focus area on information technology and the Internet.
California Privacy Protection - Site seeks to educate and assist consumers in California on database privacy matters.
Cryptome In - Collection of articles and links on privacy issues, especially Echelon.
CyberAtlantis.com - News site regarding privacy and freedom issues. Links to global articles.
Echelon - Personal web site by Paul Wolf concerned with ECHELON global surveillance system and other privacy threats. Links to other issue related sites.
Echelon: Questions asked in Australian Senate - Bob Brown's speech concerning the Australian government's involvement with the Echelon spy network.
Echelon Watch - Encourages public discussion of the Echelon Network, an intelligence gathering organization, that is a potential threat to civil liberties, and to urge the governments of the world to protect our rights.
EPIC Carnivore Litigation - Legal documents presented by the privacy group seeking the release of all FBI records concerning Internet monitoring.
FBI: Carnivore Diagnostic Tool - Official description of the FBI's surveillance software.
Glass Watchdog - Free/Open Source solutions for civil society in cyberspace with daily updates on seminars, conferences, user groups, advocacy action, Free/Open Source privacy and security software, news articles, legal decisions and precedents, legislation and treaties
Glen Robert's Full Disclosure - Glen Roberts exposes sites that disclose private information such as names, addresses, social security numbers etc.
Government Secret Searches - HR 2987 - Commentary by David Bailey on HR 2987 (The Methamphetamine Anti-Proliferation Act of 1999). Has link to bill's full text as well as Congressional links.
Hiding From the Man: How to Protect Your Privacy - Comprehensive guide to protecting your privacy in cyberspace and the real world.
HowStuffWorks: How Wiretapping Works - Article on how wire-tapping works. Links to a variety of other privacy issues such as Carnivore.
Invasion of Privacy - School project on invasion of privacy. Links to some laws.
Junkbusters - Site details a variety of ways privacy is violated or data is shared. Has links for prevention.
Law and Technology Essays [Dr. R. Standler] - Attorney's home page including numerous essays about law, privacy, and technology issues
MyPointExactly.com - Links to a variety of security applications for computers. Also has a free test scan so see how secure your machine is. Includes explanations of many back doors to your computer.
Privacilla.org - Links to articles and opinions about a variety of privacy issues from medical records to bank statements. Articles have linked bibliographies.
Privacy and Civil Liberties - From Computer Professionals for Social Responsibility - program information and links.
Privacy Avenue - This site provides links to a variety of privacy related news, software, and issues.
Privacy Digest - Covers the items directly and indirectly impacting your privacy such as cryptography, wiretaps, Free Speech, DNA and genetic testing, and database tracking in general. Archive goes back to 1997.
Privacy Exposed - Provides privacy related news stories from around the web.
PRIVACY Forum - Forum provided by the ACM (Association for Computing Machinery) Committee on Computers and Public Policy, Cable & Wireless USA, Cisco Systems, Inc., and Telos Systems.
Privacy Law In the USA - Essay on privacy law in the United States, by Dr. R. Standler. Focuses on invasions of privacy by journalists and searches of garbage.
Privacy News - Links to headline news regarding data privacy taken from over a variety of sources.
The Privacy Page - A resource for cryptography, encryption, or electronic privacy information.
Privacy Rights Clearinghouse - A nonprofit consumer education and advocacy project whose purpose is to advocate for consumers' privacy rights in public policy proceedings.
Privacy Times - Privacy Times (Newsletter) covers information law and policy, including Internet privacy, Freedom of Information Act, Privacy Act, financial, medical and communications privacy, and EU Directive.
Privaterra - Provides human rights workers with security technology.
RighttoPrivacy.com - News forum site about issues of privacy.
Speak out on privacy - Links to news articles concerning privacy related issues. Has forum and debate areas.
State Surveillance in the Internet. - A paper on surveillance and surveillance theory on the Internet by Francisco Javier Bernal. Active link bibliography.
Stop Carnivore - Dedicated to the sole purpose of stopping the deployment of the FBI's ISP spy tool called Carnivore.
The Surveillance Society - Americans enjoy unlimited benefits from new technologies in a wired world. But those wires send information in two directions, and the access to our personal data has never been more open for abuse. Online resource for on-air features.
4th Amendment - A web magazine with dissenting opinions about a variety of topics, including privacy issues such as Carnivore and Echelon. Has links to a variety of issues.
Web bugs - Article concerning Web bugs (1-pixel gifs), similar to cookies, that track Internet surfing patterns.
Who Watches the Web? - The latest news on Carnivore, Echelon and several other government efforts to monitor and censor private communications.
Why protect your privacy ? - Information about privacy by Markus Jansson.
World Wide Wiretapping / Eavesdropping Problem - Every week updating unique list of wiretapping and eavesdropping cases around the world, abuse of phone lines for commercial espionage, financial fraud, invasion of security and assaults on privacy.
List of products from www.anti-keyloggers.com
Software monitoring products
Zoran`s Software 2Spy!
CodexDataSystems, Inc. Achtung!
CodexDataSystems, Inc. Achtung! Pro
Segobit Software Actions Monitor
SoftActivity.com Activity Logger
SoftActivity.com Activity Monitor
KMiNT21 Software, Inc. Advanced TCP Logger
Aegis AE Covert Ops (AECC) - Covert Operations Monitor
Aimsoft Development Corporation AIM Keys
Raytown Corporation AlertMobile Pro
Raytown Corporation AlertMobile Light
Arkanum Soft AMonitor
SniffTech ANASIL
OdiSoft AppsTraka
TIFNY AtomicLog
cDc communications Back Orifice
Ascentive LLC Be Aware
iOpus Software BEEE, Better Email Enable Everything
cablehead.com Blackbox
Alexander Jmerik Boss Everyware
catchcheat.com Catch Cheat
Cerberian, Inc. Cerberian
Tybee Software ChatNANNY
Ascentive LLC ChatWatch
Webroot Software Inc. ChildSafe
APEX Software Corp. com.Policy
Covenant Eyes, LLC Covenant Eyes
Marshal Software Content Security
Cresotech, Inc. Cresotech Typerecorer (T-REC)
Cyber Intelligence Software Group Cyber Informer
Pearl Software Cyber Snoop
CodexDataSystems, Inc. D.I.R.T. - Data Interception by Remote Transmission
Kogosoft Corporation DBSpy
BITLOGIC Desktop Detective
Alpine Snow Desktop Spy
Omniquad Ltd. Desktop Surveillance
Omniquad Ltd. Detective
FutureSoft, Inc. DynaComm i:filter
Danil Dks (KeySpy)
Donald Dick Donald Dick
Kogosoft Corporation DWSpy
ClearSwift MIMEsweeper (Content Technologies Ltd) e-Sweeper
Websense Inc. Employee Internet Management (EIM)
BSSCO, Inc. ENFILTRATOR Black Box
eSniff, Inc. eSniff
OTG Software, Inc. EmailXaminer
Fatline Corporation FastTracker
APEX Software Corp. FamilyCAM
galaxyTrading galaxySpy
Wards Creek Software,Inc. GameWarden
Sureshot Ghost Keylogger
GlobalPatrol GlobalPatrol
Golden Eye Golden Eye
BadBoyKilla Hack '99 KeyLogger
Streiff Information Services HackerWacker
Ilya V. Osipov HookDump
KMiNT21 Software, Inc. Home Key Logger
Symantec Corporation I-Gear
Tybee Software IamBigBrother
ICUSurf, LLC ICUSurf
IIPwr.com IIPwr Package
Elron Software IM Web Inspector
OTG Software, Inc. IMxtender
ITKsoft In The Know
BITLOGIC INControl
Ingenuity (UK) Ltd Ingenuity
TalyaSoft Informer
Jungle-Monkey Software InLook Express
FobiaSoft Inspector
Sequel Technology Corporation Internet Resource Manager (IRM)
NataSoft IntraSpy
WinWhatWhere Corporation Investigator
Alin Inclezan Invisible Activity Spy
Amecisco Invisible KeyLogger 97
Amecisco Invisible KeyLogger Stealth
iOpus Software iOpus STARR
iSpymail.com iSpy
iSpyNOW.com iSpyNOW
iSpyNOW.com iSpymail
Lower Hutt iWonder Recorder
UltraSoft Key Interceptor
Idigital Technologies Key Thief
Diplodock.com Keyboard Guardian
Original Programs, Inc. Keyboard Monitor
Tenebrill Inc. Keycorder (Key-Corder)
Mikko Technology KeyKey
Yourbusted.com KeyKey
OXD Software Keylogger
miniCoders KeyLogger
NGF Digital Productions Key Logger
IIPwr.com KeySpy
Marc Leblanc KeySpy
DewaSoft Keystroke Reporter
Arne Vidstrom klogger
SurfControl plc LittleBrother
Symantec Corporation Mail-Gear
Marshal Software MailMarshal SMTP
ClearSwift MIMEsweeper (Content Technologies Ltd) MAILsweeper
Tumbleweed Communications Messaging Management System (MMS)
MDSA Software MDSA Sentinel
ClearSwift MIMEsweeper (Content Technologies Ltd) MIMEsweeper
Omniquad Ltd. MicroManager
A Value Systems MoM
SecureMac Monitorer
Kra-Tronic Corporation Mouse and Key - Recorder
wizard Industries Ltd. My Little Spy
N2H2, Inc. N2H2
NetBus NetBus
iomart Group plc NetIntelligence
eSynch company (Kissco) NetMonitor
ExploreAnywhere Software NETObserve
Telemate.Net Software, Inc. NetSpective WebFilter
Telemate.Net Software, Inc. NetSpective Reporter
Original Programs, Inc. Online Recorder
ProtectCom Orvell Monitoring
ntlworld.com PasTmon
Next Generation Count (NGC) PC & Internet Monitor
Raytown Corporation PC Activity Monitor (PC Acme)
Raytown Corporation PC Activity Monitor Net (PC Acme Net)
Raytown Corporation PC Activity Monitor Pro (PC Acme Pro)
Strategic Business Solutions Inc. PC Monitor
Softdd.com PC Spy
PC Spy PC Spy
PC Weasel PCWeasel
Peter Surrena Design, Inc. PeopleMonitor
Pearl Software Pearl Echo
NetHunter Group ProBot
ClearSwift MIMEsweeper (Content Technologies Ltd) PORNsweeper
iCognito Technologies Ltd. PureSight
Kintech, Inc. QuietEye
FobiaSoft Raven
Brian Cadge RazzMon
Greene Global Investment Group Realtime Spy
RedHand Software Ltd. RedHand
Strategic Business Solutions Inc. Resource Monitor
Anton Vasiljev ResShow
SafeNetCorp.com SafeNet
SafeNetCorp.com SafeNet Pro
VAAP Salus
Alpine Snow Save Keys
Softcentral SC-KeyLog
Mikko Technology Screen Logger
Kogosoft Corporation ScreenSpy
iQuesoft-Online Second Sight
ClearSwift MIMEsweeper (Content Technologies Ltd) SECRETsweeper
sentrycam.com SentryCam
Spytech Software Shadow
Adavi, Inc. Silent Guard
Adavi, Inc. Silent Watch
SilentRunner, Inc. SilentRunner
Tryco Ltd Slymail
Virtual Imagination Inc. Snapshot Spy
SpectorSoft Corporation Spector
SpectorSoft Corporation Spector Pro
Zackware spIE
SRA International, Inc. SRA Assentor
Cube'd Productions Spy
spysoft.de Spy Camera
Spytech Software SpyAgent
Spytech Software SpyAnywhere
spyAOL spyAOL
ExploreAnywhere Software SpyBuddy
TSM-Soft SpyCapture
Spytech Software SpyCheck
cablehead.com SpyGraphica
Baysite Plus Publishing Spysoft
red0xd stAllIOnized KeyLogger
ICaughtYou LLC Stellar Internet Monitoring
iOpus Software Stealth Activity Monitor (SAM)
Peter Zierl Stealth Activity Reporter
Raytown Corporation Stealth Email Redirector (SER)
Raytown Corporation Stealth Keyboard Interceptor (SKIn 2000)
Raytown Corporation Stealth Keyboard Interceptor Auto Sender
P.G.M. Stealth KeySpy
Amecisco StealthMail
Buffalo Software, Inc. Surf Snoop
Rahul Soni Stealth Spy
Omniquad Ltd. Surveillance Anywhere
BySoft Data AB Surf Spy
SurfControl plc SurfControl
Esm Software Surfing Spy
Harris Digital Publishing Group System Detective
AB Software System Spy
Matthew T. Pandina Tiny Key Logger
Trisys, Inc. Trisys Insight
SecureMac TypeRecorder
Raheel Abdul Hameed Ultimate Spy
Urbis.net Ltd UrbisNet
Vericept Corporation Vericept VIEW
REALCODE Development Inc. Visage PC surveillance
Ersieht, Inc. WatchDog
Zemerick Software Inc. Watchful Eye
ClearSwift MIMEsweeper (Content Technologies Ltd) WEBsweeper
Softec Enterprises Inc. WebPI
Christian Walter Windows Keylogger
BySoft Data AB Windows Remote
BySoft Data AB Windows Spy
Webroot Software Inc. WinGuardian
WinRecon WinRecon
BC COMPUTING Win-Spy Windows Monitor
Tropical Software Winvestigator
withu.com WIP Ethernet Analyzer
gmgDesign Software XLog
8e6 Technologies X-Stop
Hardware monitoring products
Allen Concepts, Inc. KeyKatcher
Allen Concepts, Inc. KEYKatcher Pro
Amecisco Hardware KeyLogger
Amecisco Hardware KeyLogger Keyboard Edition
KoTecH Enterprises, Inc. The Password Spy
KeyGhost Ltd. KeyGhost II Professional
KeyGhost Ltd. KeyGhost II Multi-Lingual
KeyGhost Ltd. KeyGhost II Standard
KeyGhost Ltd. KeyGhost II Security Keyboard
KeyGhost Ltd. 'Optional' KeyGhost Turbo Download Adaptor
MicroSpy Ltd. Professional Computer Surveillance Kit
MicroSpy Ltd. Keyboard Kit
MicroSpy Ltd. MicroGuard
Goverment monitoring tools
The Magic Lantern technology, part of a broad FBI project called "Cyber Knight," would allow investigators to secretly install over the Internet powerful eavesdropping software that records every keystroke on a person's computer, according to people familiar with the effort. Magic Lantern
Keystroke monitoring device using to discover the passphrase to an encrypted file Key Logger System (KLS)
NSA's Global Electronic Interception.... Echelon is perhaps the most powerful intelligence gathering organization in the world. Several credible reports suggest that this global electronic communications surveillance system presents an extreme threat to the privacy of people all over the world. According to these reports, ECHELON attempts to capture staggering volumes of satellite, microwave, cellular and fiber-optic traffic, including communications to and from North America. This vast quantity of voice and data communications are then processed through sophisticated filtering technologies. ECHELON
Carnivore/DCS1000 is an electronic "wiretapping" tool, currently in use by the FBI. Details of how the system works are short on specifics. What is known is that Carnivore/DCS1000 would be installed at the suspect's Internet service provider to scan all incoming and outgoing emails--including sender and recipient addresses as well as subject lines - for messages related to a criminal probe. And while the system, a sophisticated combination of hardware and proprietary software, can perform fine- tuned searches, it is also capable of broad sweeps, potentially enabling the agency to keep tabs on all of the network's communications. DCS-1000 (formerly called CARNIVORE)
Hidden data transmission using electromagnetic emanations TEMPEST
Technology that listens to worldwide television and radio broadcasts and transcribes detailed reports for analysts. Oasis
Technically, this tool sponsored by the CIA could be used as an aid to hackers, as well as those hiding from governments and companies who filter what their users are able to see. Triangle Boy
Some further notes on P2P file sharing:
The following is from the SANS (SysAdmin, Audit, Network, Security) Institute.
W7 File-Sharing Applications
W7.1 Description Peer to Peer File Sharing Programs (P2P) are used by a rapidly growing user base. These applications are used to download, and distribute many types of data (e.g. music, video, graphics, text, source code, and proprietary information to name a few). P2P applications have a number of legitimate uses, including the distribution of OpenSource/GPL binaries, ISO images of bootable Linux distributions, independent artists' creations, and even commercial media such as film trailers and game previews. Other times, the data is either of a questionable nature or is copyrighted. With the legal troubles experienced by Napster, the majority of these P2P programs now operate through a distributed network of clients, sharing directories of files or entire hard drives of data. Users can enter search parameters through the client software, and then one or more channels of communication are opened between participants as the client software contacts other network participants to locate the desired file. Clients participate by downloading files from other users, making their data available to others, and in some models by functioning as super-nodes which can coordinate searches for multiple users. Peer to Peer communication consists of get requests, replies, and file transfers. A participant can concurrently perform multiple downloads while also serving multiple uploads. Searches for content can use almost any text string the user can conceive. Most of these programs currently use default ports, but can automatically or manually be set to use different ports if necessary to circumvent detection, firewalls, or egress filters. The trend seems to be moving towards the use of http wrappers to more easily bypass corporate restrictions. The multithreaded nature of searches and transfers can generate significant traffic on densely populated LANS and can completely saturate WAN links. A number of vulnerabilities exist when using P2P software. They can be categorized into three types. Technical vulnerabilities are those that can be exploited remotely. Social vulnerabilities are those that are exploited by altering or masquerading binary content that others request. And legal vulnerabilities are those that can result from copyright infringement or objectionable material. As mentioned above, technical vulnerabilities are those that can be exploited remotely and may result simply from a user downloading, installing, and running a programs. The CVE and CAN entries listed below all address technical vulnerabilities. These range from Denial of Service to arbitrary file access, and should be taken very seriously. Not addressed in the CVE database, but of serious concern, are the privacy and confidentiality issues that P2P applications can cause. Many of these applications include "spyware" or "adware" components that can consume even more bandwidth as they report web-surfing habits back to their makers. A poorly configured P2P client can provide unauthenticated access to your entire network by sharing mapped drives through the P2P application. There is little to no restriction on the type of data files that can be shared. Compromise of confidential information, intellectual property, and other data can result. Social vulnerabilities exist when a malicious or previously infected user creates or alters a file to resemble something desired by another user. Virii, trojan horse programs, worms, and other malware can result. The victim of such attacks is usually the less technical user, who will "double-click" a file without noticing that the extension or icon is not what is normally associated with the data type, or that can be duped into launching an executable. Regardless of the nature of the content downloaded, users must use current anti-virus software to scan the downloads. Whenever possible, checksums should be validated to ensure that what is downloaded is what the user wanted and what the creator intended. P2P mechanisms can also used to propagate malicious code, with a number of viruses spreading by masquerading as desirable P2P content and storing themselves in the shared content folder of infected clients. P2P traffic can also tunnel command and control traffic to compromised machines (zombies.) Legal vulnerabilities must be taken seriously by both the corporate user and the home user. Content available through P2P applications includes copyrighted music, movies, and program files. Organizations including the MPAA, RIAA, and BSA are all actively seeking to put an end to the copyright infringement occurring through P2P networks. Subpoenas for user id's, injunctions, and civil suits have all been brought in courts across the country. The success of these efforts, or lack thereof, and the morality or immorality of downloading such material must all be secondary to the costs for a company to respond to and defend against allegations of wrongdoing. Pornographic content is also widely available through the P2P networks. Whether such material is legal in your jurisdiction or not is irrelevant if a sexual harassment lawsuit is brought against your company because an employee downloaded material using a company computer that another employee found offensive. W7.2 Operating Systems Affected There are versions of P2P software available for all Windows operating systems currently in use, along with versions for UNIX and Linux systems.
_________________
Having more fun than a human being should be allowed to have-Rush Limbaugh www.rushlimbaugh.com
Force of nature
Still crazy after all these years
|
|
| Back to top |
  
|
|
|
| |
» |
All times are GMT-04:00 |
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
|
|
|
|
